<?php

//18
session_start();
require 'connection.php';

$app = new \Slim\Slim();
$app->get('/doctype/find_all/:page', authorize('admin'), 'findAll');
//         /art_report/categor
$app->get('/doctype/find', authorize('admin'), 'find');
$app->get('/doctype/search/:search', authorize('admin'), 'search');
$app->get('/doctype/:id', authorize('admin'), 'read');
$app->post('/doctype', authorize('admin'), 'add');
$app->put('/doctype/:id', authorize('admin'), 'edit');
$app->delete('/doctype/:id', authorize('admin'), 'delete');

$app->run();

function find() {
    $sql_list = "SELECT * FROM document_type WHERE active = 1";
    try {
        $db = getConnection();
        $stmt = $db->prepare($sql_list);
        $stmt->execute();
        $rst_find = $stmt->fetchAll(PDO::FETCH_OBJ);
        $db = null;
        echo json_encode($rst_find);
    } catch (PDOException $e) {
        echo '{"error":{"text":' . $e->getMessage() . '}}';
        return;
    }
}

function findAll($page) {
    $page = ($page - 1) * 10;
    $sql_list = "SELECT id, name, IF(active = 1, 'Si', 'No') active, code  FROM document_type LIMIT " . $page . ", 10";
    $sql_count = "SELECT count(*) FROM document_type ";
    try {
        $db = getConnection();
        $stmt = $db->prepare($sql_list);
        $stmt->execute();
        $rst_find = $stmt->fetchAll(PDO::FETCH_OBJ);
        $result = $db->prepare($sql_count);
        $result->execute();
        $rst_count = $result->fetchColumn();
        $db = null;
        echo '{"result":' . json_encode($rst_find) . ', "count" :' . $rst_count . ' }';
    } catch (PDOException $e) {
        echo '{"error":{"text":' . $e->getMessage() . '}}';
        return;
    }
}

function search($search) {
    $sql_list = "SELECT * FROM document_type WHERE name LIKE '%" . $search . "%' ";
    try {
        $db = getConnection();
        $stmt = $db->prepare($sql_list);
        $stmt->execute();
        $rst_find = $stmt->fetchAll(PDO::FETCH_OBJ);
        $db = null;
        echo '{"result":' . json_encode($rst_find) . ' , "count" :0}';
    } catch (PDOException $e) {
        echo '{"error":{"text":' . $e->getMessage() . '}}';
        return;
    }
}

function read($id) {
    $sql_read = "SELECT * FROM document_type WHERE id = :id";
    try {
        $db = getConnection();
        $stmt = $db->prepare($sql_read);
        $stmt->bindParam("id", $id);
        $stmt->execute();
        $rst = $stmt->fetchObject();
        $db = null;
        echo json_encode($rst);
    } catch (PDOException $e) {
        echo '{"error":{"text":' . $e->getMessage() . '}}';
    }
}

function add() {
    $sql_add = "INSERT INTO document_type(code, name, active) VALUES (:code, :name,:active)";
    $request = \Slim\Slim::getInstance()->request();
    $param = json_decode($request->getBody());
    try {
        $db = getConnection();
        $stmt = $db->prepare($sql_add);
        $stmt->bindParam("code", $param->code);
        $stmt->bindParam("name", $param->name);
        $stmt->bindParam("active", $param->active);
        $stmt->execute();
        $id = $db->lastInsertId();
        $db = null;
        echo json_encode($id);
    } catch (PDOException $e) {
        echo '{"error":{"text":' . $e->getMessage() . '}}';
    }
}

function edit($id) {
    $sql_edit = "UPDATE document_type SET code=:code, name=:name, active=:active WHERE id=:id";
    $request = \Slim\Slim::getInstance()->request();
    $body = $request->getBody();
    $param = json_decode($body);
    try {
        $db = getConnection();
        $stmt = $db->prepare($sql_edit);
        $stmt->bindParam("code", $param->code);
        $stmt->bindParam("name", $param->name);
        $stmt->bindParam("active", $param->active);
        $stmt->bindParam("id", $id);
        $stmt->execute();
        $db = null;
    } catch (PDOException $e) {
        echo '{"error":{"text":' . $e->getMessage() . '}}';
    }
}

function delete($id) {
    $sql_delete = "DELETE FROM document_type WHERE id=:id";
    try {
        $db = getConnection();
        $stmt = $db->prepare($sql_delete);
        $stmt->bindParam("id", $id);
        $stmt->execute();
        $db = null;
    } catch (PDOException $e) {
        echo '{"error":{"text":' . $e->getMessage() . '}}';
    }
}

?>